77,527 research outputs found
Collaborative Verification-Driven Engineering of Hybrid Systems
Hybrid systems with both discrete and continuous dynamics are an important
model for real-world cyber-physical systems. The key challenge is to ensure
their correct functioning w.r.t. safety requirements. Promising techniques to
ensure safety seem to be model-driven engineering to develop hybrid systems in
a well-defined and traceable manner, and formal verification to prove their
correctness. Their combination forms the vision of verification-driven
engineering. Often, hybrid systems are rather complex in that they require
expertise from many domains (e.g., robotics, control systems, computer science,
software engineering, and mechanical engineering). Moreover, despite the
remarkable progress in automating formal verification of hybrid systems, the
construction of proofs of complex systems often requires nontrivial human
guidance, since hybrid systems verification tools solve undecidable problems.
It is, thus, not uncommon for development and verification teams to consist of
many players with diverse expertise. This paper introduces a
verification-driven engineering toolset that extends our previous work on
hybrid and arithmetic verification with tools for (i) graphical (UML) and
textual modeling of hybrid systems, (ii) exchanging and comparing models and
proofs, and (iii) managing verification tasks. This toolset makes it easier to
tackle large-scale verification tasks
Precise Null Pointer Analysis Through Global Value Numbering
Precise analysis of pointer information plays an important role in many
static analysis techniques and tools today. The precision, however, must be
balanced against the scalability of the analysis. This paper focusses on
improving the precision of standard context and flow insensitive alias analysis
algorithms at a low scalability cost. In particular, we present a
semantics-preserving program transformation that drastically improves the
precision of existing analyses when deciding if a pointer can alias NULL. Our
program transformation is based on Global Value Numbering, a scheme inspired
from compiler optimizations literature. It allows even a flow-insensitive
analysis to make use of branch conditions such as checking if a pointer is NULL
and gain precision. We perform experiments on real-world code to measure the
overhead in performing the transformation and the improvement in the precision
of the analysis. We show that the precision improves from 86.56% to 98.05%,
while the overhead is insignificant.Comment: 17 pages, 1 section in Appendi
Automated Verification of Design Patterns with LePUS3
Specification and [visual] modelling languages are expected to combine strong abstraction mechanisms with rigour, scalability, and parsimony. LePUS3 is a visual, object-oriented design description language axiomatized in a decidable subset of the first-order predicate logic. We demonstrate how LePUS3 is used to formally specify a structural design pattern and prove (‗verify‘) whether any JavaTM 1.4 program satisfies that specification. We also show how LePUS3 specifications (charts) are composed and how they are verified fully automatically in the Two-Tier Programming Toolkit
Path-Based Program Repair
We propose a path-based approach to program repair for imperative programs.
Our repair framework takes as input a faulty program, a logic specification
that is refuted, and a hint where the fault may be located. An iterative
abstraction refinement loop is then used to repair the program: in each
iteration, the faulty program part is re-synthesized considering a symbolic
counterexample, where the control-flow is kept concrete but the data-flow is
symbolic. The appeal of the idea is two-fold: 1) the approach lazily considers
candidate repairs and 2) the repairs are directly derived from the logic
specification. In contrast to prior work, our approach is complete for programs
with finitely many control-flow paths, i.e., the program is repaired if and
only if it can be repaired at the specified fault location. Initial results for
small programs indicate that the approach is useful for debugging programs in
practice.Comment: In Proceedings FESCA 2015, arXiv:1503.0437
- …